Dhanda and Jain’s Statements

Jupiter COO Kash Dhanda admitted that social media posts claiming “zero risk” were inaccurate.

Dhanda said, “We said there was zero risk on social media, which wasn’t entirely correct. We deleted the post, but we should have issued a correction immediately.”

He also explained that the vaults are managed with their own rules, and a portion of the investments can be used in other operations. Fluid co-founder Samyak Jain confirmed that user funds are not completely separate but noted that each vault has its own limits, collateral ratios, and penalty rules. This ensures some level of protection but invalidates full isolation claims.

Rival Criticism and Community Concerns

Kamino co-founder Marius Ciubotariu criticized Jupiter Lend’s structure. On X, he wrote, “If you deposit SOL and borrow USDC, your SOL gets used in other positions. All the risk falls on you. There’s no isolation; risk spreads across investments.”

Ciubotariu also emphasized that “using the term ‘isolated’ this way is misleading,” noting that rehypothecation nullifies any isolation claims. Kamino blocked certain Jupiter tools to prevent misleading users and requested the migration tool to be fully two-way.

(Rehypothecation means deposited collateral or assets can be reused by the platform in other operations.)

An industry insider anonymously commented, “Claiming isolation while using funds elsewhere is a breach of trust.” This view reflects growing community concerns.

Key Takeaways:

• Some funds are reused in other operations

• Risk can spread to other investments

• Users may not fully understand the exposure

• Deleting previous posts reduced trust

• Rival and industry warnings highlight potential violations

Performance, TVL, and Future Plans

Jupiter Lend’s total value locked exceeds $1 billion. The protocol reported zero losses during the major market crash in October. Dhanda stated that each vault operates under its own rules and limits, generating yields through these mechanisms.

Ciubotariu countered, “The platform was only live for one month with few positions. It requires years of testing to call it ‘safe.’” Jupiter Lend offers loan-to-value ratios up to 90% and uses a “custom liquidation engine” to manage risk.

Jupiter plans to release additional documentation and an explanatory video after the Solana Breakpoint conference, aiming to increase user confidence and enhance security across the Solana ecosystem.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Jupiter (JUP) Lend Risk Debate Sparks Solana Concerns appeared first on Coin Engineer.

With $44 million stolen, the crypto world is once again reminded of its vulnerabilities.

Attack Originated from Internal Liquidity Account

According to CoinDCX CEO Sumit Gupta, the breach stemmed from an internal account used for liquidity provision with another exchange. Hackers drained $44 million through what Gupta described as a “sophisticated server breach.”

“No user funds were affected,” Gupta assured. “The compromised account was isolated swiftly, and the loss will be covered entirely by our treasury reserves.”

Funds Traced Across Chains

On-chain analyst ZachXBT traced the attacker’s wallet back to Tornado Cash, where it was funded with 1 Ethereum. The stolen funds were then partially bridged from Solana to Ethereum, making tracking difficult.

You Might Be Interested In: Sonic SVM Research: Can New Stablecoins Shake Up the Old Order?

The incident echoes a similar hack on WazirX—another Indian exchange—exactly one year ago to the day, which resulted in a $235 million loss. Analysts see the timing as a grim reminder of persistent cybersecurity gaps in the crypto sector.

Wave of Recent Crypto Exploits

• Nobitex (Iran): $100 million stolen on June 18; source code leaked.
• GMX V1: $40 million drained on July 9, later returned for a $5M bounty.
• Arcadia Finance: $3.5 million lost due to smart contract exploit.

These repeated breaches stress the urgent need for better risk management in both centralized and decentralized ecosystems.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post CoinDCX Suffers $44M Hack in Sophisticated Server Breach appeared first on Coin Engineer.

Following several technical analyses and on-chain data reports shared on X (formerly Twitter), investor concerns have grown. Independent analysts have pointed to unusual transaction patterns traced to specific wallet addresses, raising suspicions of a potential exploit being underway.

Sharp Price Decline in SUI and CETUS Tokens

After the news spread through social platforms, $SUI dropped by 3.8%, showing a swift negative response. The most significant impact, however, was seen in CETUS, the token at the heart of the incident. Cetus coin plummeted by approximately 40% within the same period, triggering alarm among holders.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

This downturn has dealt a blow not only to investor confidence in Cetus, but also to the overall reputation of the SUI network. Trading volumes surged as some investors scrambled to exit positions and shift funds to alternative protocols in an effort to minimize losses.

Official Statement Pending, All Eyes on Cetus Team

All attention is now on the Cetus Protocol team and their pending response. If the alleged exploit is confirmed, it will mark a serious reputational test not just for Cetus but for the broader SUI ecosystem. It may also prompt a renewed focus on smart contract security across other DeFi projects.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Shock in the SUI Ecosystem: Alleged Vulnerability in Cetus Protocol Smart Contracts appeared first on Coin Engineer.

One message. That’s all it takes for hackers to drain your entire wallet. A signed offchain message is now powerful enough to hand over control of your funds — no onchain transaction required.

EIP-7702: The Risky New Delegation Mechanism

Activated on May 7, 2025, Pectra’s centerpiece EIP-7702 introduces a transaction type called SetCode, which allows users to delegate control of their wallets via a simple signature.

Arda Usman, a Solidity smart contract auditor, confirmed: “An attacker can use this offchain signature to install malicious code into an externally owned account (EOA) and move ETH or tokens — without the user ever signing a transaction.”

This feature effectively transforms user wallets into smart contracts, opening the door to silent yet devastating attacks.

A Stealth Threat Via Innocent-Looking Messages

Yehor Rudytsia, an onchain researcher at Hacken, emphasized that this transaction type allows arbitrary code to be installed in wallets. Previously, such a change required an actual transaction; now, only a signature is enough.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

This shift means phishing attempts, fake DApps, or Discord scams can now result in complete wallet takeovers. “We believe this will become the most common attack vector following the Pectra upgrade,” Rudytsia warned.

Wallet applications that fail to correctly interpret transaction type 0x04 are especially vulnerable.

Hardware Wallets Are Not Immune Anymore

The once-clear distinction between hot and cold wallets is fading. Rudytsia highlighted that hardware wallets are now just as vulnerable if users unknowingly sign malicious messages: “Once signed, all funds can be gone in a moment.”

To stay safe, users should:

• Never sign messages they do not fully understand.
• Look out for delegation requests, especially those involving nonce values.
• Be aware that some delegation signatures can be replayed on any Ethereum-compatible chain.

While multisig wallets offer more robust protection, single-key wallets — including hardware ones — must adopt new safeguards to prevent exploitation.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Ethereum Pectra Update Contains a Critical Vulnerability! appeared first on Coin Engineer.